← Back

CVE-2026-4685

nvd nist
Published: Mar 24, 2026Modified: Apr 13, 2026

JSON object

Loading...
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 3.6
Source: NVD

Description

Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.

Affected (3)

Products: Mozilla: Firefox
Mozilla
1 product
Firefox
Configuration A
3 vulnerable
Vulnerable SoftwareAffected Versions
Mozilla
Firefox
Before 149.0
Firefox
Before 115.34.0
Firefox
From 128.0 to 140.9.0

Related CWEs

CWE-754
Improper Check for Unusual or Exceptional Conditions
The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.

References (6)

Source: security@mozilla.org
Permissions Required
Source: security@mozilla.org
Vendor Advisory
Source: security@mozilla.org
Vendor Advisory
Source: security@mozilla.org
Vendor Advisory
Source: security@mozilla.org
Source: security@mozilla.org

Timeline

No history available yet.